Detecting Peripheral-based Attacks on the Host Memory

  • Patrick Stewin

Part of the T-Labs Series in Telecommunication Services book series (TLABS)

Table of contents

  1. Front Matter
    Pages i-xv
  2. Patrick Stewin
    Pages 1-7
  3. Patrick Stewin
    Pages 21-31
  4. Patrick Stewin
    Pages 53-69
  5. Patrick Stewin
    Pages 71-94
  6. Patrick Stewin
    Pages 95-98
  7. Back Matter
    Pages 99-108

About this book

Introduction

This work addresses stealthy peripheral-based attacks on host computers and presents a new approach to detecting them. Peripherals can be regarded as separate systems that have a dedicated processor and dedicated runtime memory to handle their tasks. The book addresses the problem that peripherals generally communicate with the host via the host’s main memory, storing cryptographic keys, passwords, opened files and other sensitive data in the process – an aspect attackers are quick to exploit. 

Here, stealthy malicious software based on isolated micro-controllers is implemented to conduct an attack analysis, the results of which provide the basis for developing a novel runtime detector. The detector reveals stealthy peripheral-based attacks on the host’s main memory by exploiting certain hardware properties, while a permanent and resource-efficient measurement strategy ensures that the detector is also capable of detecting transient attacks, which can otherwise succeed when the applied strategy only measures intermittently. Attackers exploit this strategy by attacking the system in between two measurements and erasing all traces of the attack before the system is measured again.

 

Keywords

Anti-hacking Tools BARM Bus Agent Runtime Monitor Computer System Security Measures Cyber Criminality DAGGER Direct Memory Access based keystroke Code logger DMA Malware Input/Output Memory Management Units Memory Attacks Rootkit-based Attacks

Authors and affiliations

  • Patrick Stewin
    • 1
  1. 1.Technische Universität BerlinBerlinGermany

Bibliographic information

  • DOI https://doi.org/10.1007/978-3-319-13515-1
  • Copyright Information Springer International Publishing Switzerland 2015
  • Publisher Name Springer, Cham
  • eBook Packages Engineering
  • Print ISBN 978-3-319-13514-4
  • Online ISBN 978-3-319-13515-1
  • Series Print ISSN 2192-2810
  • Series Online ISSN 2192-2829
  • About this book
Industry Sectors
Pharma
Automotive
Biotechnology
Electronics
Telecommunications
Energy, Utilities & Environment
Aerospace
Oil, Gas & Geosciences